6.1
CVE-2024-53459 -
Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting (XSS) via the /scgi?sid parameter.
5.4
CVE-2024-53364 -
A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking Management System v1.13 in /users/view-detail.php. This vulnerability affects the viewid parameter, where improper input sanitization allows attackers to inject malicious SQL queries.
5.5
CVE-2024-53111 - mm/mremap: fix address wraparound in move_page_tables()
In the Linux kernel, the following vulnerability has been resolved: mm/mremap: fix address wraparound in move_page_tables() On 32-bit platforms, it is possible for the expression `len + old_addr < old_end` to be false-positive if `len + old_addr` wraps around. `old_addr` is the cursor in the old…
7.8
CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_p…
5.5
CVE-2024-53121 - net/mlx5: fs, lock FTE when checking if active
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and unlock the FTE. - L…
7.8
CVE-2024-29645 -
Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.
5.3
CVE-2024-12007 - code-projects Farmacia visualizar-produto.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Farmacia 1.0. This affects an unknown part of the file /visualizar-produto.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to…
7.1
CVE-2024-53742 - WordPress Multilevel Referral Affiliate plugin for WooCommerce plugin <= 2.27 - Reflected Cross Sit…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism I.T. Systems Multilevel Referral Affiliate Plugin for WooCommerce multilevel-referral-plugin-for-woocommerce allows Reflected XSS. This issue affects Multilevel Referral Affiliate Plugin for W…
6.5
CVE-2024-53743 - WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aezaz Shaikh Countdown Timer for Elementor countdown-timer-for-elementor allows Stored XSS. This issue affects Countdown Timer for Elementor: from n/a through <= 1.3.6.
6.5
CVE-2024-53744 - WordPress Elementor Image Gallery plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SkyBootstrap Elementor Image Gallery Plugin skyboot-portfolio-gallery allows Stored XSS. This issue affects Elementor Image Gallery Plugin: from n/a through <= 1.0.5.